Firmware Update : M2M/IoT Solution CONPROSYS™ Controller

2023/03/10Africa、Asia、Europe、Japan、Middle East、North America、Oceania、Latin America

Contec updated firmware of M2M/IoT Solution CONPROSYS™ M2M Controller Series, M2M Gateway Series.

What's New

Name of Series	What's New	Download
M2M Controller Series Integrated Type	Ver3.7.6 -> Ver3.8.0 -------------------------------- - Added the following vulnerability countermeasures. 1. OS Command Injection Vulnerability In the following page, the entered value is not properly validated, which makes it possible to execute OS commands. [Network] maintenance page, [Mail] setting page, [Static Routing] setting page, [Port Forwarding] setting page, [IP Filter] setting page 2. Firmware tampering vulnerability Firmware structure can be analyzed due to insufficient cryptographic strength of firmware update files. 3. Vulnerability to inadequate access restrictions Network maintenance page originally accessible only with administrator privileges can be accessed with normal privileges.	Download
M2M Controller Series Configurable Type	Ver3.8.8 -> Ver3.9.0 -------------------------------- - Added the following vulnerability countermeasures. 1. OS Command Injection Vulnerability In the following page, the entered value is not properly validated, which makes it possible to execute OS commands. [Network] maintenance page, [Mail] setting page, [Static Routing] setting page, [Port Forwarding] setting page, [IP Filter] setting page 2. Firmware tampering vulnerability Firmware structure can be analyzed due to insufficient cryptographic strength of firmware update files. 3. Vulnerability to inadequate access restrictions Network maintenance page originally accessible only with administrator privileges can be accessed with normal privileges.	Download
M2M Gateway Series	Ver3.7.10 -> Ver3.8.0 -------------------------------- - Added the following vulnerability countermeasures. 1. OS Command Injection Vulnerability In the following page, the entered value is not properly validated, which makes it possible to execute OS commands. [Network] maintenance page, [Mail] setting page, [Static Routing] setting page, [Port Forwarding] setting page, [IP Filter] setting page 2. Firmware tampering vulnerability Firmware structure can be analyzed due to insufficient cryptographic strength of firmware update files. 3. Vulnerability to inadequate access restrictions Network maintenance page originally accessible only with administrator privileges can be accessed with normal privileges.	Download

New Updates

2024/04/12

Software Update : RAS/RTC Raspberry Pi card CPI-RAS [Ver.1.04 → Ver.1.05]
2024/04/05

Driver Update : Driver API-AIO, API-SMC for Linux
2024/04/05

Driver Update : Driver API-SMC for Windows